rejigTurn your VPS into an attack box
Stars: ✭ 33 (-81.03%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-18.39%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1020.11%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+78.16%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+88.51%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+235.06%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-75.29%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+18813.22%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-6.32%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (+62.07%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+60.34%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-61.49%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-79.89%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-83.33%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+191.38%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-82.18%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+216.67%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+566.67%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+595.4%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (+47.7%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-86.21%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+459.77%)
Pcwt Stars: ✭ 46 (-73.56%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+182.76%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-67.82%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+656.32%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-19.54%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-8.62%)
Pentestsome pentest scripts & tools by [email protected]
Stars: ✭ 136 (-21.84%)
Sec ToolsDocker images for infosec tools
Stars: ✭ 135 (-22.41%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-2.87%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-10.34%)
WavecrackWavestone's web interface for password cracking with hashcat
Stars: ✭ 135 (-22.41%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1008.05%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-10.34%)
O365sprayUsername enumeration and password spraying tool aimed at Microsoft O365.
Stars: ✭ 133 (-23.56%)
Awesome VulnerableA curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Stars: ✭ 133 (-23.56%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-1.72%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-3.45%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+1295.98%)
TrigmapA wrapper for Nmap to quickly run network scans
Stars: ✭ 132 (-24.14%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-24.71%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-11.49%)
Evil WinrmThe ultimate WinRM shell for hacking/pentesting
Stars: ✭ 2,251 (+1193.68%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+1001.15%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-4.6%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1455.75%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-25.29%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-13.79%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-25.29%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-25.86%)
TechnowloggerTechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-1.15%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-5.75%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1404.02%)
Cloud BusterA Cloudflare resolver that works
Stars: ✭ 128 (-26.44%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+955.75%)